It was nice to own paypal.com for a while. It provided an excellent demo for this advisory, and assisted with finally getting some traction on this age-old vulnerability. All good things come to an end, so it's time for paypal.com to be returned to its rightful owners. All of you conspiracy theorist can go return to your quest for elvis - - I'm returning it on my own initiative, once I'm done finding the correct option on their customer-care hotline. You can see the new demo URLs here:

IDN spoofed url:

Click here to enter TSG
Click here to enter TSG via ssl

real:

Click here to enter TSG

IDN advisory - Update 2/11/05
Intial IDN advisory